cryptography

摘要： Mobile devices are being deployed rapidly for both private and professional reasons.One area of that has been growing is in releasing healthcare applications into the mobile marketplaces for health management.These applications help individuals track their own biorhythms and contain sensitive information.This case study examines the source code of mobile applications released to GitHub for the Risk of Insufficient Cryptography in the Top Ten Mobile Open Web Application Security Project risks.We first develop and justify a mobile OWASP Cryptographic knowledge-graph for detecting security weaknesses specific to mobile applications which can be extended to other domains involving cryptography.We then analyze the source code of 203 open source healthcare mobile applications and report on their usage of cryptography in the applications.Our findings show that none of the open source healthcare applications correctly applied cryptography in all elements of their applications.As humans adopt healthcare applications for managing their health routines,it is essential that they consider the privacy and security risks they are accepting when sharing their data.Furthermore,many open source applications and developers have certain environmental parameters which do not mandate adherence to regulations.In addition to creating new free tools for security risk identifications during software development such as standalone or compiler-embedded,the article suggests awareness and training modules for developers prior to marketplace software release.

摘要： This paper introduces an Improved RC6(IRC6)cipher for data encryption based on data-dependent rotations.The proposed scheme is designed with the potential of meeting the needs of the Advanced Encryption Standard(AES).Four parameters are used to characterize the proposed scheme.These parameters are the size of the word(w)in bits,the number of rounds(r),the length of the secret key(b)in bytes,and the size of the block(L)in bits.The main feature of IRC6 is the variable number of working registers instead of just four registers as in RC6,resulting in a variable block size for plaintext and ciphertext.The IRC6 cipher is designed to improve the robustness against attacks by increasing the diffusion for each round and providing greater security with fewer rounds.The effectiveness of the proposed IRC6 scheme is verified against theoretical attacks.The proposed IRC6 scheme depends on full diffusion and confusion mechanisms regardless of the utilized block size.The proposed IRC6 scheme saves 70%of the encryption time and 64%of the decryption time of RC6.The simulation results prove that the IRC6 achieves a better encryption/decryption time compared to the traditionalRC6.Therefore,the proposed IRC6 is anticipated to fulfill the market needs and system security requirements.

摘要： In this new information era,the transfer of data and information has become a very important matter.Transferred data must be kept secured from unauthorized persons using cryptography.The science of cryptography depends not only on complex mathematical models but also on encryption keys.Amino acid encryption is a promising model for data security.In this paper,we propose an amino acid encryption model with two encryption keys.The first key is generated randomly using the genetic algorithm.The second key is called the protein key which is generated from converting DNA to a protein message.Then,the protein message and the first key are used in the modified Playfair matrix to generate the cypher message.The experimental results show that the proposed model survives against known attacks such as the Brute-force attack and the Ciphertext-only attack.In addition,the proposed model has been tested over different types of characters including white spaces and special characters,as all the data is encoded to 8-bit binary.The performance of the proposed model is compared with other models using encryption time and decryption time.The model also balances all three principles in the CIA triad.

摘要： COVID-19 is a novel coronavirus disease that has been declared as a global pandemic in 2019.It affects the whole world through personto-person communication.This virus spreads by the droplets of coughs and sneezing,which are quickly falling over the surface.Therefore,anyone can get easily affected by breathing in the vicinity of the COVID-19 patient.Currently,vaccine for the disease is under clinical investigation in different pharmaceutical companies.Until now,multiple medical companies have delivered health monitoring kits.However,a wireless body area network(WBAN)is a healthcare system that consists of nano sensors used to detect the real-time health condition of the patient.The proposed approach delineates is to fill a gap between recent technology trends and healthcare structure.If COVID-19 affected patient is monitored through WBAN sensors and network,a physician or a doctor can guide the patient at the right timewith the correct possible decision.This scenario helps the community to maintain social distancing and avoids an unpleasant environment for hospitalized patients Herein,a Monte Carlo algorithm guided protocol is developed to probe a secured cipher output.Security cipher helps to avoid wireless network issues like packet loss,network attacks,network interference,and routing problems.Monte Carlo based covid-19 detection technique gives 90%better results in terms of time complexity,performance,and efficiency.Results indicate that Monte Carlo based covid-19 detection technique with edge computing idea is robust in terms of time complexity,performance,and efficiency and thus,is advocated as a significant application for lessening hospital expenses.

摘要： The Wireless Sensor Networks(WSNs)are characterized by their widespread deployment due to low cost,but the WSNs are vulnerable to various types of attacks.To defend against the attacks,an effective security solution is required.However,the limits of these networks’battery-based energy to the sensor are the most critical impediments to selecting cryptographic techniques.Consequently,finding a suitable algorithm that achieves the least energy consumption in data encryption and decryption and providing a highly protected system for data remains the fundamental problem.In this research,the main objective is to obtain data security during transmission by proposing a robust and low-power encryption algorithm,in addition,to examining security algorithms such as ECC and MD5 based on previous studies.In this research,the Energy Saving and Securing Data algorithm(ESSD)algorithm is introduced,which provides the Message Digest 5(MD5)computation simplicity by modifying the Elliptic Curve Cryptography(ECC)under the primary condition of power consumption.These three algorithms,ECC,MD5,and ESSD,are applied to Low Energy Adaptive Clustering Hierarchy(LEACH)and Threshold-sensitive Energy Efficient Sensor Network Protocol(TEEN)hierarchical routing algorithms which are considered the most widely used in WSNs.The results of security methods under the LEACH protocol show that all nodes are dead at 456,496,and 496,respectively,to ECC,MD5,and ESSD.The results of security methods under the TEEN protocol show that the test ends at 3743,4815,and 4889,respectively,to ECC,MD5,and ESSD.Based on these results,the ESSD outperforms better in terms of increased security and less power consumption.In addition,it is advantageous when applied to TEEN protocol.

摘要： The use of multimedia data sharing has drastically increased in the past few decades due to the revolutionary improvements in communication technologies such as the 4th generation(4G)and 5th generation(5G)etc.Researchers have proposed many image encryption algorithms based on the classical random walk and chaos theory for sharing an image in a secure way.Instead of the classical random walk,this paper proposes the quantum walk to achieve high image security.Classical random walk exhibits randomness due to the stochastic transitions between states,on the other hand,the quantum walk is more random and achieve randomness due to the superposition,and the interference of the wave functions.The proposed image encryption scheme is evaluated using extensive security metrics such as correlation coefficient,entropy,histogram,time complexity,number of pixels change rate and unified average intensity etc.All experimental results validate the proposed scheme,and it is concluded that the proposed scheme is highly secured,lightweight and computationally efficient.In the proposed scheme,the values of the correlation coefficient,entropy,mean square error(MSE),number of pixels change rate(NPCR),unified average change intensity(UACI)and contrast are 0.0069,7.9970,40.39,99.60%,33.47 and 10.4542 respectively.

摘要： With the rapid miniaturization in sensor technology,Internet-ofDrones(IoD)has delighted researchers towards information transmission security among drones with the control station server(CSS).In IoD,the drone is different in shapes,sizes,characteristics,and configurations.It can be classified on the purpose of its deployment,either in the civilian or military domain.Drone’s manufacturing,equipment installation,power supply,multi-rotor system,and embedded sensors are not issues for researchers.The main thing is to utilize a drone for a complex and sensitive task using an infrastructureless/self-organization/resource-less network type called Flying Ad Hoc Network(FANET).Monitoring data transmission traffic,emergency and rescue operations,border surveillance,search and physical phenomenon sensing,and so on can be achieved by developing a robust mutual authentication and cross-verification scheme for IoD deployment civilian drones.Although several protocols are available in the literature,they are either design issues or suffering from other vulnerabilities;still,no one claims with conviction about foolproof security mechanisms.Therefore,in this paper,the researchers highlighted the major deficits in prior protocols of the domain,i.e.,these protocols are either vulnerable to forgery,side channel,stolen-verifier attacks,or raised the outdated data transmission flaw.In order to overcome these loopholes and provide a solution to the existing vulnerabilities,this paper proposed an improved and robust public key infrastructure(PKI)based authentication scheme for the IoD environment.The proposed protocol’s security analysis section has been conducted formally using BAN(Burrows-Abadi-Needham)logic,ProVerif2.03 simulation,and informally using discussion/pragmatic illustration.While the performance analysis section of the paper has been assessed by considering storage,computation,and communication cost.Upon comparing the proposed protocol with prior works,it has been demonstrated that it is efficient and effective and recommended for practical implementation in the IoD environment.

摘要： We focus on security and privacy problems within a cloud database framework,exploiting the DataBase as a Service(DBaaS).In this framework,an information proprietor drives out its information to a cloud database professional company.The Data-Owner(DO)encrypts the delicate information before transmission at the cloud database professional company end to offer information security.Current encryption ideas,nonetheless,are just halfway homomorphic as all of them intend to enable an explicit kind of calculation,which is accomplished on scrambled information.These current plans can''t be coordinated to solve genuine functional queries that include activities of various types.We propose and evaluate a Verifiable Reliable Secure-DataBase(VRS-DB)framework on shared tables along with many primary operations on scrambled information,which enables information interoperability,and permits an extensive possibility of Structured Query Language(SQL)queries to be prepared by the service provider on the encoded data.We show that our security and privacy idea is protected from two forms of threats and are fundamentally proficient.

摘要： In this age when most organizations make use of cloud computing,it is important to not only protect cloud computing resources from cyber⁃attacks but also investigate these attacks.During forensic investigations in a cloud environment,the investigators fall on service providers for pieces of evidence like log files.The challenge,however,is the integrity of these logs provided by the service providers.To this end,we propose a blockchain⁃based log verification system called BlogVerifier that uses a decentralized approach to solve forensics issues in the cloud.BlogVerifier extracts logs produced in cloud environments,hashes these logs and stores the hashed values as transactional values on the blockchain.The transactions are then merged into blocks and shared on the blockchain.The proposed system also ensures the continuation of an investigation even when the primary source of a log is compromised by using encryption and smart contracts.The proposed system also makes it possible for any stakeholder involved in the forensic process to verify the authenticity of log files.The performance results show that BlogVerifier can be integrated into the cloud environment without any significant impact on system resources and increase in computational cost.

摘要： Private comparison is the basis of many encryption technologies,and several related Quantum Private Comparison(QPC)protocols have been published in recent years.In these existing protocols,secret information is encoded by using conjugate coding or orthogonal states,and all users are quantum participants.In this paper,a novel semi-quantum private comparison scheme is proposed,which employs Bell entangled states as quantum resources.Two semi-quantum participants compare the equivalence of their private information with the help of a semi-honest third party(TP).Compared with the previous classical protocols,these two semi-quantum users can only make some particular action,such as to measure,prepare and reflect quantum qubits only in the classical basis fj0i;j1ig,and TP needs to perform Bell basis measurement on reflecting qubits to obtain the results of the comparison.Further,analysis results show that this scheme can avoid outside and participant attacks and its’qubit efficiency is better than the other two protocols mentioned in the paper.